Data protection and EEA and emailing your files
Written on 10/08/2018

EU legislation will affect Data Protection whether in or out.

And there is not much change in the EEA, because most financial services legislation is EEA wide, not EU wide, and that certainly includes MIFID.   But one matter that does stay within EU is the data protection reform that is coming your way for full implementation in 2018.  This EU directive is different to EU regulation, because it must be transposed, verbatim, and no member interpretation or amendment is allowed at country level.  The aim of the regulation is to harmonise EU data protection law within the EU.  This makes sense since so much information now goes cross border.   According to the BCCA (consumer credit trade body) it is not uncommon for EEA members anyway to have exactly the same legislation to their EU counterparts, in order to facilitate free trade.


The key changes from the data protection law at present are summarized here


    Joint obligations and liability for data controllers and data processors.

    Mandatory data protection officers for most businesses like retail financial services. However this can be outsourced to firms like ours which specialize in holding data.

    It will be mandatory to report a breach to the data protection regulator as well as to consumers.

    The policies and procedures that you all have in place (see the doc library) will now be mandatory. We will be updating ours in good time.

    Customers will have to take positive action to agree consent. This means that client agreements will have to be signed by clients in future. We will get the originals amended in good time.

    Subject access responses will be free going forwards.

    Privacy impact assessments must be carried out and evidenced where new technologies are being deployed.

    Fines of 4% of revenue can be levied.


This is all coming your way - oh the excitement.  All in all there are not many changes, and not much to worry about – just a mild tightening up but mostly in line with common sense.  However if you have read some of the commentary (my ghastly competitors) on the subject you would be forgiven for thinking that the end of the world is fast coming upon us.  But one thing is sure, the emailing client files should always be encrypted, or better still use a system such as Bat.

All news
Other categories
Newsletter
349 entries.
IFA
117 entries.
FCA
52 entries.
Pension
37 entries.
Mortgage
8 entries.
CCL
7 entries.
GI
13 entries.
Article
35 entries.
Event
15 entries.
10 last entries
elite
Daniel Garabal - 25/03/2024
ICARA CAPITAL ADEQUACY RULES FOR IFAS
Charlie Palmer - 05/12/2023
THE PENSIONS MERRY GO ROUND
Charlie Palmer - 27/10/2023
REGULATION AND JOINING THE ELITE
Charlie Palmer - 06/10/2023
AUTO-COMPLAINT HANDLING
Charlie Palmer - 08/09/2023
CYBER FRAUD AT TRAVEL AGENTS - ALVARO ADVISES BOOK YOUR HOLIDAY DIRECT WITH AIRLINE
Charlie Palmer - 11/08/2023
BATSOFT LAUNCH SM&CR TOOL
Charlie Palmer - 07/08/2023
CONSUMER DUTY - NOW IT IS EMBEDDED
Charlie Palmer - 07/08/2023
FCA ABOLISHES THE FOUR WEEK COMPLAINTS RESPONSE LETTER
Charlie Palmer - 25/07/2023
FCA - THE PRICE REGULATOR, SERVICING FEES AND MIFID RESTRICTIONS
Charlie Palmer - 25/07/2023